Archived view of bbs.geminispace.org › s › misfin › 5611, captured on 2023-11-14.
So, I just wanted to write here what I noticed about the spec allowing for two different server configurations. I think thinking of it in this way helped me to start figuring out how I should write my misfin server.
1. One-mailbox server. The (self-signed) server certificate has a mailbox name in its USER_ID field, as per the spec.
2. Multi-mailbox server. There's one (self-signed) server certificate that acts as a CA that signs each mailbox certificate. Does the server certificate still need the USER_ID field?
I do have one question. When a client sends a request to the server, the fingerprint that is sent back: is that the fingerprint of the mailbox cert, the server cert, or the requester's cert?
Sep 27 · 7 weeks ago
@clseibold In a "one-mailbox" server, the fingerprint that's sent back is the fingerprint of the server's certificate. In a "multi-mailbox" server, I think the replied fingerprint should be the fingerprint of the certificate for the mailbox that the message was delivered to.
Regarding the USER_ID question, and by looking at the Python code, it seems that the CN and USER_ID fields are mandatory, but @lem-two would know better. Good luck.